Topic: [ANN] Whirlwind.money | ⚡No Fee⚡ | Ultimate Privacy | Anonymity Mining 12% APR🔥 - page 29. (Read 12468 times)

If what the member has stated is true, I think this has to be seen as a very harsh lesson for them to have learned. In the end, if you end up paying twice for the same weekly signature payment then it will mean others can follow suit and claim the same thing. The best thing for the member to do would be to accept their loss and move on.

If they are promoting a service they should at least understand how it functions.

You have not done anything to contribute to his loss therefore you should not be making any subsequent payment to him to cover his losses. After all, there is absolutely no way to know whether he is telling the truth or not and if that could be ascertained beyond doubt, you should not be paying signature campaign participants to cover the losses they incurred because of either their negligence or lack of understanding about the service they chose to promote.

You are completely independent of all the decisions you have to make in solving customer problems. Every customer that comes claiming to have deposited a certain amount must be proven by valid evidence, if they can't do it, then what are you worried about?

I don't understand and probably disagree that some other people should be held responsible for other people's mistakes, so I don't think it's a good decision for you to consider in that customer problem solving process. Regardless of whether you have good intentions for every customer who complains, but I think every customer should and must comply with all the rules and how your service works.

Exactly because exchanges don't add BTC in your balance as long as they aren't confirmed.

I would probably have done this. You have no way to know whether he is speaking the truth and you can't identify whether he will abuse the note (he may be a liar). If you allow this, it's very possible that he is trying to scam you. You will never know whether he is a liar or not.
If the amount is too small, I would say give it back to him. If a big one, don't, and make sure you warn the people on the website that there's no chance of getting back any funds if they don't have certain information. As said above, it will create room for scamming you.

Yes, if you do this, it would really be a precedent and you risk an increase in the number of similar cases. You are literally opening a bug for potential fraudsters. I don't think it should be done, because the rules are clear and everyone should take care of their money.
Certainly, additional attention should be paid to how clearly the essentiality is emphasized to the users to save Note Private Key and Letter of Guarantee.


This is also wrong because it will cause a lot of additional work for you, checks, apologizing to users, etc... All this can only negatively affect your reputation. Plus, I believe that not all of your users are necessarily active on Bitcointalk, so they are not necessarily familiar with this problem.


I don't know what the amount is, but this is probably the only correct solution.

If you still insist on going out to meet the user, you should not hurry with the decision. I would do all possible analyses in detail, even if it took a long period of time.

Just my 67 sat, which is the current fee.

Lazy at best.... Sorry but it's more or less the truth. Who is going to use a mixer without doing the basics?

Refunding from your pocket is nothing more than opening the doors to more abuses


It is not up to other people to suffer the damage created by strangers. They have nothing to do with it and they shouldn't be affected

What about to say to the user that it was his responsability to save PA, PK, LoG?...
Sometimes, we make mistakes, it happens during our whole life, but we learn from it

We received an unfortunate support inquiry and after discussing with the user in question we asked for his permission to post on bitcointalk and let the community decide how this matter should be resolved. He agreed as long as we do not reveal his transaction so here we are.

We are posting this in the ANN thread because we can't stress enough how important it is to find a general consensus on what should happen in this situation since it could have long-lasting implications for the future and we want to treat everyone fairly and show full transparency.

We will respect the community's decision, whatever it will be. To be clear we are not accusing anyone of ill intentions, we will lay out the facts and we kindly ask everyone to voice out their opinion.

The user contacted us and this is the information given to us:
1. He didn't save the Note Private Key
2. He didn't save the Note Public Address
3. He didn't save the Letter of Guarantee
4. He doesen't remember the exact donation % used
5. He can sign a message from the address used to deposit on Whirlwind

---

From our point of view the situation looks like this:
The user signing a message from the deposit address is definitely helpful, but that by itself doesen't prove anything other than the fact that indeed he made a deposit

As said before our databases (backend + 3 signers) only hold the Notes Public Addresses and their respective balances. We do not store any timestamps, information about deposits/pay to note/withdraws. We used this approach to keep Notes private even if a database breach happens at some point.

In this specific situation this is a huge problem because we ourselves have no way of linking a deposit to a Note, so unless we receive the Letter of Guarantee it's just a guessing game at best and we need to trust the user's word as we have nothing else to work with. We also have no way of verifying if the Note balance was partially or completely spent already because we do not know which one it is.

We checked the databases and there is more than 1 Note with a very similar balance, we calculated using what the user recalled was his donation % used and the numbers do not match exactly. This indicates that either he doesen't remember the % correctly or we are lied to, again there is no way for us to verify. In fact another possibility is that he spent his Note already, and none of the ones we see in the database are his.

The system is built in such a way that our manual intervention shouldn't ever be needed unless the user himself makes a mistake. Considering that at some point we will decentralize the service and there will be more signers manual intervention will only become harder to do so we need to agree on some sort of 'standard procedure'. It's important to mention that if the user ever finds his private key he will be able to withdraw without issues, the funds will remain on the multi-sig. (provided we don't identify the Note, delete it from the database and do a manual refund)

For us this is a lose-lose situation no matter what we choose to do since 'solving' it in any way would imply that we are not abiding by our own rules which are clearly states everywhere.(save your private key or you lose access to your funds, and in order to contact support you need to provide the LoG).

We have the following options, if anyone sees a better solution please let us know:
1. Refund him from our reserve and risk setting a dangerous precedent while also risking taking the hit ourselves in case we were lied to. (The Note would remain valid because we wouldn't know which one to delete)

2. Temporarily disable all Notes with similar balances and wait for the other Note holders to contact us to reenable them. If after some time 1 Note remains unchanged and we didn't receive any inquiries about it we would assume it belongs to this users and refund him. We would still risk taking the hit ourselves because the remaining Note holder may just not pay attention to the situation and not inquire about it only until after we've refunded. This is another dangerous precedent which we would like to avoid at all costs.

3. Treat Whirlwind as a network and respect the rules, in this case we will not be able to help in any way and the user would lose access to his funds assuming it's true that indeed he lost the private key

---

Regardless of what the outcome will be this should serve as an important lesson for everyone to never deposit before making sure you saved your Note Private Key. If you have access to it you won't encounter any issues.

Looking forward to your opinions.

All good, the transaction was broadcasted since yesterday but probably network fees increased before it was confirmed and only came back down today, that's why it took longer to reach your exchange wallet.

Next time I suggest you look the withdraw address up in an explorer to check yourself if the transaction was broadcasted or not.

We also highly recommended that you first withdraw from Whirlwind to one of your own addresses and only afterwards send where you want to. This way even if the withdraw from our multi-sig gets stuck like it happened this time you can still spend the UTXO with a higher fee and that will confirm the transaction faster.

The BTC has landed in my wallet, thanks for your concern, but I don't know why the transaction take this long before confirmation.
Is it because I decided to send it to an exchange wallet in order to avoid the network congestion then?

You should have received your Bitcoin yesterday, if the transaction wasn't broadcasted there is an issue somewhere and I suggest you send your LoG through email so we can check. A lot of withdraws went through since then and we just checked everything and it seems to be working properly, so what we assume is a lot more likely to have happened is your transaction was broadcasted but it wasn't confirmed yet. In that case you need to wait for it to be confirmed or simply spend the UTXO with a higher fee.

I'm also concerned about withdrawals. I made a withdrawal to my wallet address after receiving my first payment on the Whirlwind platform, but I have yet to receive my Bitcoin. I chose a time interval of 0 hours, but it is now more than 24 hours.

There is no transaction history because we do not store any information besides the entire Note balance so we can't show you something we do not have

After starting the Anonymity Mining thread we will post there the amount of rewards distributed daily and the time it was done so you can calculate how much you received without having to check your Note on the website every day.

We had an idea and asked for opinions about it in the other thread, it may be a decent solution for the inconvenience you mentioned. I'll quote the messages below:

I got another question after receiving my first payment to my note today and looking forward to receiving the anonymity mining rewards.

Is there some sort of withdrawal/deposit history for my note or could that be a possible feature?

If I give multiple people my deposit address for my note, I would have no way of telling how much bitcoin each of them sent me or am I missing something here?
Would that be a privacy concern?
Right now it would also be great to see how many rewards from the 12%APR come in every day.

All withdraws are sent at :00 every hour, so if you select a 0 hours delay you will receive your funds when the hour changes. If you initiated it at :55 you have to wait 5 minutes, if you did it at :32 you have to wait 28 minutes.

You can withdraw your $11 left on the Note balance at any time either by waiting until next week's signature campaign pay or by making a new deposit to a new Note to get over the 0.001BTC minimum withdraw threshold. For example if you have 0.00046BTC left on your current Note A, you would need to deposit another 0.00154BTC (0.001 is the minimum deposit, otherwise 0.00054BTC would be enough in this case) to a new Note B and use the Pay to Note feature to consolidate the balances (send from either Note A to Note B or Note B to Note A, it's the same thing) into a 0.002BTC balance which you can withdraw whenever you want.

One from me:

For the first time, I'm trying to withdraw bitcoin from signature campaign payout paid to my public address at whirlwind.money. This may be unusual in that I have to leave some sat in the mixer after withdrawal ($11 at current prices), but that's not the main problem because I also have to get used to how it works. I just want to know about the estimated withdrawal time in case I use 0 hours when making a withdrawal?

If you've answered this in a previous question, then sorry as I may have missed it.

We don't want to give a deadline for the implementation of zk-SNARKs until the business model proves to be viable. With or without zk-SNARKs the privacy you're getting is the same assuming we do not store any logs, so probably that's not the reason why we don't have that much volume yet. As soon as we see more volume passing through the platform (even 10-20 deposits a day on average is enough to show that demand exists) we will start the implementation and give a deadline, but from that moment it won't take longer than a few weeks at most.

If we missed any question or you feel like any of our responses weren't clear enough please quote them and we will address the matter again, this is very important. The sooner people truly understand how Whirlwind works the better it is for everyone. We are aware it seems like we're biased when we are comparing Whirlwind to other solutions, but we have the facts on our side so we believe it's just a matter of time until everyone or at least the vast majority come to the same conclusion.

Also it's important to note that we would be more than happy to give credit where it's due in case any of our statements are wrong. Everything we say and do is based on math so the probability of us being fundamentally wrong is close to 0 but still, if you think otherwise come forward and let's have a discussion.

Posting this illustration again for those that didn't see it yet, it should make it easier to understand how Whirlwind works:

A whole variety of wide ranging questions have been put forward in this threads and full credit to you for addressing (or trying to) each of those questions and comments. Since you mentioned it, how long will it approximately take before the process and be used by end users?

Correct, right now there is no way for us to prove this claim. As soon as we transition to the zk-SNARK based Note system it will be provably impossible for us to log any information but until then you have to take our word for it.

Both are equally important. It's a very big difference between 2 Anonymity sets with 10,000 deposits each made up of the following numbers:

Pool A: 5,000 x 0.001BTC | 4,000 x 0.01BTC | 500 x 0.1BTC | 500 x 1BTC

Pool B: 2,000 x 0.001BTC | 2,000 x 0.01BTC | 2,000 x 0.1BTC | 2,000 x 1BTC | 2,000 x 10BTC

While Pool A's Anonymity Set would be secure enough for a 0.01BTC deposit that is withdrawn immediately, it wouldn't be the same if the same situation happened with 10BTC instead of 0.01 . On the other hand a 10BTC deposit in Pool B could be withdrawn immediately without anything looking 'out of the ordinary'.

We agree it would be better if the Anonymity Mining campaign would include other conditions besides the 10,000 deposits, such as out of those 10,000 there should be a minimum of 500 over 0.5BTC, 500 over 1BTC and 500 over 5BTC. We decided not to impose these 'limits' because we assumed 10,000 deposits is a big enough number and people would deposit varied enough amounts regardless if we ask for it or not, but we may be wrong. What's your opinion on this?

As much as people don't want to hear it, 'anonymity' and more generally 'mixing' on Bitcoin are all about math and probabilities. Bitcoin is a public ledger available for anyone to review forever, now and at any point in the future. Keeping this in mind the only way to offer real anonymity is to have a scalable system, otherwise there are 0 reasons to use a centralized solution as opposed to Coinjoining yourself. Why would risk the operator stealing your funds, no matter how trusted he is, when you can get better privacy in a decentralized way? The only reason to ever use a centralized solution over a decentralized one should be if the centralized one offers exponentially better privacy.

We built Whirlwind because there is no other solution available that has the potential to stand the test of time. Think about any of our competitors and consider that all their addresses/clusters will be known in the future (if they are not already). Since there is a limit imposed on the delay, number of output addresses and fees, and there is no possibility to combine 2 deposits into a bigger output we strongly believe that anyone reviewing the flows will be able to deanonymize most if not all their users with relative ease.

On the other hand Whirlwind will only become stronger as time goes on thanks to the system it's based on, not weaker. Once we have a big enough Anonymity Set (something that is not possible for our competitors since their systems are fundamentally flawed and don't scale) there is simply no way to deanonymize users with certainty unless the user himself connects the transactions by using the same addresses or other similar mistakes.

Does the above make sense to you? If you have any questions or something is not clear enough please do not hesitate to ask. We will post a comparison with more details in the response to @fillippone question in this thread: https://bitcointalk.org/index.php?topic=5444933.80 .

We could and we will add more BTC ourselves but in order for this to be effective and not just an obvious sybil attack where we give users the false impression of a big Anonymity Set when in fact it's not, we need to add our reserve gradually blended with other real users deposits. We would rather take the time to do this the right way and not worry about anything coming back to bite us later.

The amount of BTC held in the multi-sig is not that relevant since we could add that ourselves, but it's very important that higher amount transactions happen (even if they are just deposits followed by a withdraw 1 hour later). Basically volume is more important than the multi-sig balance.

If we assume that you make a single 0.5BTC deposit and then withdraw 0.5BTC in one output then you are right with everything you said.

If we assume you make 5 x 0.1BTC withdrawals to different addresses that won't be connected afterwards then Pool D is almost the same with Pool B (assuming your 0.5BTC are already included in the figures you showed), the only difference being that in Pool B case you know for a fact that the outputs originated from at least 2 deposits while in Pool D case you can't know that.

If you withdraw your bitcoin from whirlwind in multiple steps of lets say 0.1BTC to different addresses so the individual withdrawals can't be linked together then you don't necessarily need bigger deposits than the one you made yourself right?

Lets take this pool:
Deposit 1: 1,0BTC
Deposit 2: 0,3 BTC
Deposit 3: 0,1 BTC

Now you deposit 0,4 BTC and withdraw in steps of 0,1BTC. Every single withdrawal could have been initiated by any of the 4 (including yourself) deposits. 

Well, they could also do the latter themselves, in fact, it's easier to just split a couple of bitcoins into a dozen random outputs of different sizes and send them to the mixer, you can increase the number of deposits to 10,000 in a few hours and be done with it.

Also, if what you say is correct, then the mining campaign would reward people based on the number of deposits rather than the amount, so instead of someone sending a single deposit of 1 BTC, they could send 10*0.1 BTC, this will increase the number of deposits by 10 as opposed to just 1.

I believe both are equally important.

Say we have 4 Whirlwind pools.

Pool A has the following deposits:

1- 1 BTC from address 1111
2- 0.5 BTC from address 2222


a total of 1.5 BTC and 2 deposits, if I was to send 0.5 to mix it, the output with be 1 of 2, I either get 1 or 2.

Pool B has the following deposits:

1- 0.2 BTC from address 1111
2- 0.1 BTC from address 2222
3- 0.4 BTC from address 3333
4- 0.3 3BTC from address 4444

a total of 1 BTC and 4 deposits if I was to mix the same 0.5 BTC, the number of suspects isn't exactly 4 in this case since I'll need to get at least 2 deposits, this means 4/2, and the suspect addresses will still be only 2 despite having 4 deposits in the pool.

Pool C would outperform pool B if it has:

1- 0.5 BTC from address 1111
2- 1 BTC from address 2222
3- 0.7 BTC from address 3333

it's 1 of 3 now, despite having fewer deposits.

Pool D which outperforms them all would be something like this:

1- 0.6 BTC from address 1111
2- 1.4 BTC from address 2222
3- 0.7 BTC from address 3333
4- 3.2 3BTC from address 4444

Of course, I could be wrong, this is just based on my understanding of how the multi-sig pool works, I hope to get more clearance and corrections of the different pool examples I posted above.

The number of deposits is more important than the amount of bitcoins. If it was all about the amount Whirlwind could easily do it themselves by adding xx BTC to the pool.

Not saying the amount is useless but the main point is to have many deposits, but also of different sizes, to make the system more effective

minimum amount is at 0.001


Yeah but like everywhere. That's how it works: more you spend, more you're rewarded